Before secure communication of Radio Frequency Identification (RFID), it is necessary to effectively solve the problem of security authentication and key agreement between a RFID reader and a RFID electronic tag. In RFID, because the performance of the electronic tag is poor and the computation and communication capabilities are weak in some application scenarios, it only needs to perform one-way authentication on the electronic tag in such scenarios. As such, because in some special application scenarios of a wireless network, a network access point or a base station often has to authenticate only a mobile terminal, a safe one-way authentication protocol is also necessary in such scenarios.
The US IEEE proposed IEEE 802.11 standard to achieve security of a wireless local area network by using WEP protocol, and subsequently proposed 802.11i standard to relieve security vulnerabilities occurring in Wired Equivalent Privacy (WEP) protocol and support one-way authentication of a mobile terminal by an access point. Meantime, the US IEEE proposed IEEE 802.16 standard to achieve security of a wireless metropolitan area network and provide one-way authentication of a mobile terminal by a base station. Then IEEE802.16e standard was proposed by reference to the 802.11i standard and improved the IEEE 802.16 standard.
However, the inventor found in research that the existing one-way authentication methods cannot achieve direct one-way authentication of the mobile terminal by the base station or the access point, but instead, all these methods achieve the one-way authentication based on an authentication server. That is, when the base station or the access point performs one-way authentication on the mobile terminal, a secure channel needs to be established in advance between the access point and the authentication server or between the base station and the authentication server by means of other security protocol(s), and then the authentication server implements the one-way authentication between the base station or the access point and the mobile terminal. When something is wrong with the security of the secure channel, the reliability of the one-way authentication will be affected. In addition, when a new base station or access point is added into a network system, a secure channel between the base station and the authentication server or between the access point and the authentication server needs to be established manually. This is disadvantageous for the extension of the network system.